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(54) Personal authentication system 

(57) An authentication system includes a computer 
1 , an input means 3, a fingerprint database 4, a display 
device 10, an adapter circuit 11, and a fingerprint collat- 
ing device 12. The input means 3 includes a keyboard 8 
and a fingerprint sensor 9. The fingerprint sensor 9 is 
integrated into the keytward 8. The authentication sys- 

1 COMPUTER 



tern allows a user to perform predetermined operation 
to the computer 1 , only when fingerprint information of 
the user detected by the fingerprint collating device 12 
is coincident with fingerprint information registered in 
the fingerprint database 4. 
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BACKGROUND OF THE INVENTION: 

Field of the Invention 



[(KHJI ] This Invention relates to a personal authentica- 
tion system and, in particular, to a personal authentica- 



ters fingerprint information of users in advance, and a 
collating means which is connected to the computer and 
collate the fingerprint information detected by the fin- 
gerprint sensor with the fingerprint information regis- 
tered in the storage means. 

[0009] Further the system allows the user to have pre- 
determined operation performed by the computer, when 
it is deterrraned that the detected fingerprint informafion 



tion system which performs the personal authentication is coincident with the registered fingerprint information 
by identifying a user's 



Description of the Related Art 

[0002] In the past, a fingerprint reading system has 
been disclosed in Japanese Laid-Open Publication No. 
HI -154295 (namely. 154295/1989). The system has a 
relatively large device, for example, an ATM(automatic 
teller machine) or an ECR (electronic cash register). In 
the system, a fingerprint reading head is arranged on a 
top surface of a key which performs a specific function 
determined in the ATM in response to being pushed. 
The system extracts a user's fingerprint from the top 
surface of the key to authenticate the user when he 
pushes the key in question by one of his fingers. 
[0003] Other conventional personal authentication 
systems authenticate a user by checking a password 
supplied by the user, when the user logs in a computer 
system or an application. 

[0004] However, each of these conventional systems 
has problems, in the former system, an input device 
tends to be large in size if a fingerprint reading system 
is integrated into the input device, such as a keyboard 
used in a personal computer system because it has 
never been considered that the fingerprint reading sys- 
tem is used in a small-sized input device. 
[0005] On the other hand, in tiie later systems, the 
password can be easily stolen by peeping into a screen 
on which the password is supplied, or easily inferred 
from the user's birthday etc. As a result, the systems are 
apt to be undesirably or illegally utilized by people other 
than the user. 

SUMMARY OF THE INVENTION: 

[0(X16] Therefore, it is an object of the invention to pro- 
vide a personal authentication system which includes a 
small-sized input device. 

[0007] It is another object of the invention to provide a 
personal authentication system which can prevent use 
of the system by otiier people. 
[0(K)8] According to an embodiment of tiie invention, 
a personal authentication system including computer for 
use in authenticating a user is provided. The system 
comprises an input means by which ttie user input an 
instniction to the conputer, a fingerprint sensor which 
detects fingerprint information of the user when ttie user 
touches the sensor by the user's finger, a storage 
means which is connected to the computer and regis- 
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Fig. 1 shows a block diagram of a personal authen- 
tication system according to a first embodiment of 
the invention; 

Fig. 2 schematically shown a keyboard and a fin- 
gerprint sensor of the personal authentication sys- 
tem shown in Rg. 1 ; 

Fig. 3 shows a flow chart representing log on oper- 
ation of the personal authentication system shown 
in Fig. 1; 

i=1g. 4 shows a flow chart representing data 
encrypting operation of the personal authentication 
system shown in Rg. 1 ; 

Rg. 5 shows a flow chart representing data decod- 
ing operation of the personal autiientication system 
shown in Rg. 1 ; 

Fig. 6 shows a flow chart representing data signing 
operation of the personal authentication system 
shown in Fig. 1 ; 

Rg. 7 shows a flow chart representing signature 
verification operation of the personal authentication 
system shown in Rg. 1 ; and 
Rg. 8 shows a block diagram of a personal authen- 
tication system according to a second embodiment 
of the invention. 

DESCRIPTION OF THE PREFERRED EMBODIMENT : 

[001 1 ] Fig. 1 shows a first embodiment of a personal 
authentication systOT of the invention. As shown in Fig. 
1 , the personal auttientication system includes a com- 
puter 1, an input device 3 connected to tiie computer 1 
via an internee 2, and a fingerprint database 4 con- 
nected to the computer 1 . The conrputer 1 includes an 
application softvrare 5, middle-ware 6 which comi 
cates with the application software 5, and a driver soft- 
ware 7 which communicates with the middle-ware 6. 
[001 2] The input device 3 includes a keyboard 8, a fin- 
gerprint sensor 9, a di^lay dwice 1 0, a fingerprint col- 
latir^ device 12, and an adapter circuit 11 which 
connected to these elanents 8 - 1 0, 1 2. The adapter cir- 
cuit 1 1 is also connected to the computer 1 via the 
^ce2. 

[0013] The computer 1 may be, for example, a per- 
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sonal (X)rtputer (PC), a workstation (WS), a server com- 
puter, or a super computer. The application software 5 
realizes a plurality of operations, such as a log-on oper- 
ation to the corrputer 1 , an operation of encrypting data, 
an operation of decoding data, an operation of signing 
data, and an operation of verifying a signature. 
[0014] The middle-ware 6 comprises capabilities of 
authentication result notification smi device authentica- 
tion of the keytxiard 8. TTie middle-ware 6 further com- 
prises the capability of perscxial authentication by 
fingerprint, if the fingerprint collating device 12 has no 
capability of personal authentication. 
[001 5] The interface 2 is structured based on standard 
of device interface such as RS-232C or USB. 
[001 6] While the input device 3 includes the lieyboard 
8, the fingerprint sensor 9, the display device 10, Uie fin- 
gerprint collating d^ce 12, and the adapter circuit 1 1 , 
the display device 1 0 and the fingerprint collating device 
12 may not be included in the input device 8 but may be 
individually and directly connected to the conputer 1 . 
[001 7] To detect and collate fingerprint, various kinds 
of well known conventional methods may be used which 
may be, for example, methods disclosed in Japanese 
Laid-open Publication Nos. S55-138174 (namely, 
138174/1980) and S56-24675 (namely, 24675/1981). 
[0018] As shown in Fig. 2, the fingerprint sensor 9 is 
integrated into the input device 3. Responsive to a 
user's operation of touching the fingerprint sensor 9, the 
input device 3 outputs a signal including detected fin- 
gerprint information to the computer 1 . 
[001 9] The fingerprint sensor 9 may be composed of 
an optical sensor or a semiconductor sensor. When a 
user's finger touches the fingerprint sensor 9, the sen- 
sor 9 detects fingerprint information, generates a signal 
from the information, and sends the signal to the 
adapter circuit 1 1 . 

[0020] TTie fingerprint information of users is regis- 
tered in advance in the fingerprint database 4. There- 
fore, the computer 1 can collate the fingerprint detected 
by the fingerprint sensor 9 with the fingerprint registered 
in the fingerprint database 4. If the fingerprints are coin- 
cident with each other, the computer 1 allows the user to 
perform the above operations, for example, log-on or 
encrypting data. 

[0021 ] Flow charts shown in Figs. 3. 4, 5, 6, and 7 are 
related to operations of log-on, encrypting data, decod- 
ing data, signing data, and verifying a signature, respec- 
tively. Hereinafter, the operations of the invention will be 
described with reference to Figs. 3 through 7. 
[0022] In Fig. 3, atfrst, it is d^ermined whether a user 
wants to log-on to a system or application at step SI. If 
the user want to log-on. fingerprint input request mes- 
sage is displayed onto the di^lay device 10 at step S2. 
Next, it is determin«i whether or not the sensor 9 
detects the user's fingerprint information at step S3. 
[0023] If the sensor 9 detects the fingerprint Informa- 
tion, the process proceeds to step S4 and then it is 
determined whether the detected fingerprint information 



is coincident with the fingerprint information registered 
in the f ir^erprint database 4. 
[0024] If the detected fingerprint information is coinci- 
dent with the registered fingerprint information, the user 
5 is allowed to log-on to the conputer 1 at step S5. Other- 
wise, the user is prohibited from using ttie computer 1 at 
stepSe. 

[IKieS] In Fig. 4, at first, it is detennined whether or not 
a user wants to encrypt data at step S11. If the user 

10 wants to encrypt the data, fingerprint input request mes- 
sage is displayed onto the display device 10 at step 
SI 2. Next, it is determined wither the sensor 9 detects 
the user's fingerprint information at step S13. 
[0026] If the sensor 9 detects the fingerprint informa- 

75 tion, the process proceeds to step SI 4 and then it is 
determined whether the detected fingerprint information 
is coincident with the fingerprint information registered 
in the fingerprint database 4. 
[0027] If the detected fingerprint information is coinci- 

20 dent with the registered fingerprint information, the user 
is allowed to encrypt the data, at step SI 5. using a key 
assigned to the user (each user having a key which is 
different from each other and which may be stored in the 
fingerprint database 4). Othenwise, the user is prohib- 

25 ited from encrypting the data at step SI 6. 

[0028] In Fig. 5, at first, it is determined whether a user 
want to decode data at step S21. If the user wants to 
decode the data, fingerprint input request message is 
displayed onto the display device 10 at step S22. Next, 

30 it is detemiined whether the sensor 9 detects the user's 
fingerprint information at step S23. 
[0029] If the sensor 9 detects the fingerprint informa- 
tion, the process proceeds to step S24 and then it is 
determined whether the detected fingerprint information 

35 is coincident with the fingerprint information registered 
in the fingerprint database 4. 
[0030] If the detected fingerprint information is coinci- 
dent with the registered fingerprint information, the user 
is allowed to decode the data using a key assigned to 

40 the user at step S25. Othenwise, the user is prohibited 
from decoding the data at st^ S26. 
[0031 ] In Fig. 6, at first, it is determined whether a use 
wants to sign data at step S31 . If the user want to sign 
the data, fingerprint input request me^ge is displayed 

45 onto the display device 1 0 at step S32. Next, it is deter- 
mined whether the sensor 9 detects the user's finger- 
print information at step S33. 
[0032] If the sensor 9 detects the fingerprint informa- 
tion, the process proceeds to st^ S34 and then it is 

50 determined whether the detected fingerprint information 
is coincident with the fingerprint information registered 
in the fingerprint database 4. 
[0033] If the detected fingerprint information is coinci- 
dent with the register fingerprint information, the user is 

55 allowed to sign the data using a key assigned to the 
user at step S35. Othenwise, the user is prohibited from 
signing the data at step S36. 
[0034] In Fig. 7, at first, it is determined whether a user 
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want to verify a signature at step S41 . If the user want to 
verify the signature, fingerprint input request message 
is displayaj onto the display device 10 at st^ S42. 
Next, it is determined whether the sensor 9 detects the 
user's fingerprint information at stqp S43. 5 
[0035] If the sensor 9 detects the fingerprint informa- 
tion, the process proceeds to step S44 and then it is 
determined whether the detected fingerprint Information 
is coincident with the fingerprint information registered 
in the fingerprint database 4. 10 
[0036] If the detected fingerprint information is coinci- 
dent with the registered fingerprint information, the user 
is allowed to vwify the signature using a key assigned to 
the user at step S45. Othenwise, the user is prohibited 
from verifying the signature at step S46. is 
[0037] Next, description of a second embodiment of 
the invention will be made with reference to Fig. 8. Fig. 
8 shows a block diagram of a second embodiment of the 
personal authentication system of the invention. The 
system shown in Fig. 8 includes a server conputer 13, 20 
which is connected to a plurality of client conputers 14, 
a fingerprint database 18, a fingerprint collating device 

19, and a personal database 20. 

[(M}38] Each client conputer 14 includes a Iceyboard 
1 5, a fingerprint sensor 1 6 integrated into the keyboard 25 
1 5, and a display device 1 7. The fingerprint database 1 8 
stores a plurality of fingerprint information of users in 
advance. Fingerprint information of the user who is 
allowed to use the system is stored In the database 18. 
[0039] The fingerprint collating device 1 9 collates fin- 30 
gerprint information detected by the fingerprint sensor 
16 with the fingerprint information stored in the finger- 
print database 18. The personal database 20 includes a 
plurality of personal data of users. 
[0040] The second embodiment of the invention is the as 
same as the first emtxjdiment of the invention shown in 
Figs. 1 through 7, except that the second entoodiment 
includes a plurality of client computers 14, keyboards 
15, and display devices 16 and the personal database 

20. « 
[0041] In the second en*odiment of the invention, 
when the fingerprint collating device 1 9 collates the fin- 
gerprint information of a user detected by the fingerprint 
sensor 16 with the fingerprint information registered in 
the fingerprint database 18 and determines that the 45 
detected fingerprint information is identical with the reg- 
istered fingerprint information, the sen/er conputer 13 
sends the personal data corresponding to the user in 
the personal database 20 to the client computer 14 
incoming the fingerprint information. so 
[0042] As stated above, a personal authentication sys- 
tem of the invention has a small-sized input device 
because of the integration of a fingerprint sensor into a 
keyboard. Further, the system is not able to be used by 
other people because of personal authentication using ss 
fingerprint. 



Claims 

1 . A personal autiientication system including a com- 
puter (1) for use in authenticating a user, compris- 
ing: 

an irput means (8) by which tiie user inputs an 
instruction to the computer (1); 
a fingerprint sensor (9) which detects finger- 
print information of the user when the user 
touches the sensor (9) by his finger; 
a storage means (4) which is connected to the 
computer (1) and registers fingerprint informa- 
tion of users in advance; and 
a collating means (12) which is connected to 
the computer (1) and collates the fingerprint 
information detected by the fingerprint sensor 
(9) with the fingerprint information registered in 
the storage means (4). and 
when it is determined that the detected finger- 
print information is coincident with the regis- 
tered fingerprint information by the collating 
means (1 2), the computer (1) allovi/s the user to 
perform predetermined operation on the com- 
puter (1). 

2. The system of claim 1 , further comprising: 

a display means (10) which is connected to the 
computer (1) and displays fingerprint input 
request message to the user. 

3. The system of daim 1 , wherein the fingerprint sen- 
sor (9) is integrated into the input means (8). 

4. The system of claim 1 , wherein the predetermined 
operation to tiie conputer (1) is one of operations 
including log-on operation to the conputer (1), 
encrypting data by using a key assigned to tiie iser, 
decoding data by using a tey assigned to the user, 
signing data by using a key assigned to the user, 
and verifying signature by using a key assigned to 
the user. 

5. A personal authentication system, for use in 
authenticating a user, including a server computer 
(13) and a plurality of client computers (14), each 
client computer (1 4) comprising: 

an input means (15) by which ttie user inputs 

an instruction to the client conputer (14) or the 

server conputer (13); and 

a fingerprint sensor (16) which detects finger- 

prirrt information of the user when he touches 

the sensor (16) by his finger, 

and the server computer (13) comprising: 

a storage means (18) which registers fin- 
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gerprint informafon of users in advance; 
and 

a collating means (19) which collates the 
fingerprint information detected tjy the fin- 
gerprint sensor (16) with the fingerprint s 
information registered in the storage 
means (18). 

6. The system of claim 5, wha-ein the sever computer 

(13) further comprises a second storage means io 
(20) which stores personal information of users, 

and when it is determined that the detected 
fingerprint information is coincidertt with the regis- 
tered fingerprint by the collating means (19), the 
server conputer (13) supplies the client computer is 

(14) which the fingerprint information is detected 
with the personal information corresponding to the 
user in the second storage means (20). 

7. A method of authenticating a user of a computer, so 
conprising the steps of: 

registering fingerprint information of users in 
advance; 

detecting the fingerprint information when the zs 
user touches the fingerprint sensor by his fin- 
ger; 

collating the detected fingerprint information 
with the registered fingerprint information; and 
allowing the user to perform predetermined so 
operation with the computer, when it is deter- 
mined that the detected fingerprint information 
is coincident with the registered fingerprint 
information. 

35 

8. A conputer readable medium which stores a pro- 
gram operable for authenticating a user of a compu- 
ter, comprising the steps of: 

registering fingerprint information of users in 4o 
advance; 

detecting the fingerprint information when the 
user touches the fingerprint sensor by his fin- 
ger; 

collating the detected fingerprint information 4S 
with the registered fingerprint irribrmation; and 
allowing the user to perform predetermined 
operation with the computer, when it is deter- 
mined that the detected fingerprint information 
is in coindderrt with the registered fingerprint so 
information. 
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